Access control for GitHub Pages

GitHub Pages now gives you the option to limit access, making the site visible only to users with access to the repository that published the Page. With access control, you can use GitHub Pages to publish and share internal documentation and knowledge across your enterprise.

As part of this release, we are introducing the following capabilities:

  • Repo admins can select whether GitHub Pages sites are publicly visible or limited to users who have access to the repository.
  • Both private and internal repositories support private visibility. With an internal repository, everyone in your enterprise will be able to view the Page with the same credentials they use to login to
  • Org admins can configure the visibility options that members will be able to select for their Page. For example, you can enforce that your members can only publish content privately.

This feature is generally available today on GitHub Enterprise Cloud. To enable access control on Pages, navigate to your repository settings, and click the dropdown menu to toggle between public and private visibility for your site.


Cool feature (private pages). However I’m not able to turn it on for my organization. I see the setting (checkbox), I click it, I save, and after page re load checkbox is unchecked again. I wonder if other people are having the same issue.


Just limited to enterprise plans. Disappointing. No pay per use or using with limits for teams. Now, they just want that, imagine, that if you have a team of 10 people, and 3 of them need this (even sporadically), just upgrade all the accounts paying 4 times the initial prize - from 600 to 2400-. A typical microsoft manouver.

1 Like

Same experience for me (GitHub Enterprise Cloud customer), the setting for private pages does not effectively save, so it can’t be enabled

1 Like

Hi! @oreilco and @inez For those of you having trouble switching it on - can you tell me the name of the org? If you want to do that privately, can you open a ticket and then tell me so I can go find it? (please don’t share anything sensitive here!)

We’ve seen some others come up against this too, so we’re actively looking into it, and the more information we get, the better!


The org name is ‘Flutter-Global’
I’ve created this ticket for further followups:

1 Like

Thanks @oreilco - that’s now with the right folks.

1 Like

We also need it in Team plan!

1 Like

Are there any plans for the enterprise users for the access control be the Identity Provider (like an Seamless SSO experience) rather than a GitHub Account ?

sometimes documentation can be for non-developers and creating a GitHub account might create some friction to access the site.


@canuckjacq We’re GitHub Enterprise Cloud customers as well (org is industryvault), and having the same issue as @oreilco.

We go to Organization -> Settings -> Member Privileges -> Pages Creation.
Select the “Private” checkbox (Members will be able to create private sites, visible to anyone with permission), then click Save. After clicking Save, refresh the page, and the Private checkbox is now unchecked.

1 Like

This is really cool. I tested it out and it generated my pages url as

How do I change this url? It’s like it to be some combination of orgname and repo name. Is this possible? I only see options to set a custom domain, and I don’t need a custom domain.


This is working now for us, thanks.


Appears the bug has been fixed? Would be good to hear back that the bug has been fixed so we can roll it out in our org.


:wave: Welcome!

The naming conventions for hosted organisation pages sites are:


Or, for project-specific pages sites:


There’s more information here:

1 Like

:wave: Hi @zeba-r-avera

I can confirm that we have shipped a fix for that issue. It wasn’t affecting everyone, so I hope you went ahead and tried it anyway!


Thanks for the reply and I can get to my repo using that naming scheme. I think what confused me is in my repo settings, only the “weird name” is displayed in a note that says “You site is published at tribble” (site doesn’t let me enter the my url from above that contains “tribble”).

I was confused as the the url in the format isn’t shown in the settings page.

One usability issue is that when I use the request is redirected (http301) to the tribble url.

1 Like

Works as expected! Thanks @canuckjacq :slight_smile:

My organisation (team plan) is still experiencing this problem - “Private” checkbox is disabled. Does it make any difference that I am in Asia region?

Tried again with VPN to US and incognito window and it didn’t make a difference.